proc: Split the namespace stuff out into linux/proc_ns.h

Split the proc namespace stuff out into linux/proc_ns.h.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: netdev@vger.kernel.org
cc: Serge E. Hallyn <serge.hallyn@ubuntu.com>
cc: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
David Howells 2013-04-12 01:50:06 +01:00 committed by Al Viro
parent c3bef7bcaa
commit 0bb80f2405
15 changed files with 109 additions and 92 deletions


@ -21,7 +21,7 @@
#include <linux/fs_struct.h> /* get_fs_root et.al. */ #include <linux/fs_struct.h> /* get_fs_root et.al. */
#include <linux/fsnotify.h> /* fsnotify_vfsmount_delete */ #include <linux/fsnotify.h> /* fsnotify_vfsmount_delete */
#include <linux/uaccess.h> #include <linux/uaccess.h>
#include <linux/proc_fs.h> #include <linux/proc_ns.h>
#include "pnode.h" #include "pnode.h"
#include "internal.h" #include "internal.h"
@ -1350,13 +1350,13 @@ static bool mnt_ns_loop(struct path *path)
* mount namespace loop? * mount namespace loop?
*/ */
struct inode *inode = path->dentry->d_inode; struct inode *inode = path->dentry->d_inode;
struct proc_inode *ei; struct proc_ns *ei;
struct mnt_namespace *mnt_ns; struct mnt_namespace *mnt_ns;
if (!proc_ns_inode(inode)) if (!proc_ns_inode(inode))
return false; return false;
ei = PROC_I(inode); ei = get_proc_ns(inode);
if (ei->ns_ops != &mntns_operations) if (ei->ns_ops != &mntns_operations)
return false; return false;
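Review bot: In mnt_ns_loop the local keeps the name `ei` after its type changes from `struct proc_inode *` to `struct proc_ns *`, so the name no longer says what it points at. Renaming it, for example `struct proc_ns *pns;` with `pns = get_proc_ns(inode);`, would stop a reader from assuming the other proc_inode fields are reachable through it. The same leftover name appears in the setns and get_net_ns_by_fd hunks of this commit. The body of mnt_ns_loop starts and ends outside this hunk.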


@ -51,8 +51,8 @@ static void proc_evict_inode(struct inode *inode)
sysctl_head_put(head); sysctl_head_put(head);
} }
/* Release any associated namespace */ /* Release any associated namespace */
ns_ops = PROC_I(inode)->ns_ops; ns_ops = PROC_I(inode)->ns.ns_ops;
ns = PROC_I(inode)->ns; ns = PROC_I(inode)->ns.ns;
if (ns_ops && ns) if (ns_ops && ns)
ns_ops->put(ns); ns_ops->put(ns);
} }
@ -73,8 +73,8 @@ static struct inode *proc_alloc_inode(struct super_block *sb)
ei->pde = NULL; ei->pde = NULL;
ei->sysctl = NULL; ei->sysctl = NULL;
ei->sysctl_entry = NULL; ei->sysctl_entry = NULL;
ei->ns = NULL; ei->ns.ns = NULL;
ei->ns_ops = NULL; ei->ns.ns_ops = NULL;
inode = &ei->vfs_inode; inode = &ei->vfs_inode;
inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
return inode; return inode;


@ -51,7 +51,7 @@ static int ns_delete_dentry(const struct dentry *dentry)
static char *ns_dname(struct dentry *dentry, char *buffer, int buflen) static char *ns_dname(struct dentry *dentry, char *buffer, int buflen)
{ {
struct inode *inode = dentry->d_inode; struct inode *inode = dentry->d_inode;
const struct proc_ns_operations *ns_ops = PROC_I(inode)->ns_ops; const struct proc_ns_operations *ns_ops = PROC_I(inode)->ns.ns_ops;
return dynamic_dname(dentry, buffer, buflen, "%s:[%lu]", return dynamic_dname(dentry, buffer, buflen, "%s:[%lu]",
ns_ops->name, inode->i_ino); ns_ops->name, inode->i_ino);
@ -95,8 +95,8 @@ static struct dentry *proc_ns_get_dentry(struct super_block *sb,
inode->i_op = &ns_inode_operations; inode->i_op = &ns_inode_operations;
inode->i_mode = S_IFREG | S_IRUGO; inode->i_mode = S_IFREG | S_IRUGO;
inode->i_fop = &ns_file_operations; inode->i_fop = &ns_file_operations;
ei->ns_ops = ns_ops; ei->ns.ns_ops = ns_ops;
ei->ns = ns; ei->ns.ns = ns;
unlock_new_inode(inode); unlock_new_inode(inode);
} else { } else {
ns_ops->put(ns); ns_ops->put(ns);
@ -128,7 +128,7 @@ static void *proc_ns_follow_link(struct dentry *dentry, struct nameidata *nd)
if (!ptrace_may_access(task, PTRACE_MODE_READ)) if (!ptrace_may_access(task, PTRACE_MODE_READ))
goto out_put_task; goto out_put_task;
ns_path.dentry = proc_ns_get_dentry(sb, task, ei->ns_ops); ns_path.dentry = proc_ns_get_dentry(sb, task, ei->ns.ns_ops);
if (IS_ERR(ns_path.dentry)) { if (IS_ERR(ns_path.dentry)) {
error = ERR_CAST(ns_path.dentry); error = ERR_CAST(ns_path.dentry);
goto out_put_task; goto out_put_task;
@ -148,7 +148,7 @@ static int proc_ns_readlink(struct dentry *dentry, char __user *buffer, int bufl
{ {
struct inode *inode = dentry->d_inode; struct inode *inode = dentry->d_inode;
struct proc_inode *ei = PROC_I(inode); struct proc_inode *ei = PROC_I(inode);
const struct proc_ns_operations *ns_ops = ei->ns_ops; const struct proc_ns_operations *ns_ops = ei->ns.ns_ops;
struct task_struct *task; struct task_struct *task;
void *ns; void *ns;
char name[50]; char name[50];
@ -202,7 +202,7 @@ static struct dentry *proc_ns_instantiate(struct inode *dir,
ei = PROC_I(inode); ei = PROC_I(inode);
inode->i_mode = S_IFLNK|S_IRWXUGO; inode->i_mode = S_IFLNK|S_IRWXUGO;
inode->i_op = &proc_ns_link_inode_operations; inode->i_op = &proc_ns_link_inode_operations;
ei->ns_ops = ns_ops; ei->ns.ns_ops = ns_ops;
d_set_d_op(dentry, &pid_dentry_operations); d_set_d_op(dentry, &pid_dentry_operations);
d_add(dentry, inode); d_add(dentry, inode);
@ -337,6 +337,11 @@ out_invalid:
return ERR_PTR(-EINVAL); return ERR_PTR(-EINVAL);
} }
struct proc_ns *get_proc_ns(struct inode *inode)
{
return &PROC_I(inode)->ns;
}
bool proc_ns_inode(struct inode *inode) bool proc_ns_inode(struct inode *inode)
{ {
return inode->i_fop == &ns_file_operations; return inode->i_fop == &ns_file_operations;
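Review bot: get_proc_ns() carries no comment stating its precondition, although this commit declares it in linux/proc_ns.h for callers outside fs/proc. It applies PROC_I() to whatever inode it is handed, so an inode that does not belong to procfs would yield a pointer into unrelated memory, which setns and get_net_ns_by_fd then dereference as `ei->ns_ops`. mnt_ns_loop visibly checks proc_ns_inode() first; the other two callers presumably rely on proc_ns_fget() performing an equivalent check, which is not shown here. I would add above the function: `/* Caller must already know this is a namespace inode (proc_ns_inode() or proc_ns_fget()). */`.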


@ -6,6 +6,7 @@
#include <linux/spinlock.h> #include <linux/spinlock.h>
#include <linux/magic.h> #include <linux/magic.h>
#include <linux/atomic.h> #include <linux/atomic.h>
#include <linux/proc_ns.h>
struct net; struct net;
struct completion; struct completion;
@ -23,18 +24,6 @@ struct mm_struct;
/* Worst case buffer size needed for holding an integer. */ /* Worst case buffer size needed for holding an integer. */
#define PROC_NUMBUF 13 #define PROC_NUMBUF 13
/*
* We always define these enumerators
*/
enum {
PROC_ROOT_INO = 1,
PROC_IPC_INIT_INO = 0xEFFFFFFFU,
PROC_UTS_INIT_INO = 0xEFFFFFFEU,
PROC_USER_INIT_INO = 0xEFFFFFFDU,
PROC_PID_INIT_INO = 0xEFFFFFFCU,
};
/* /*
* This is not completely implemented yet. The idea is to * This is not completely implemented yet. The idea is to
* create an in-memory tree (like the actual /proc filesystem * create an in-memory tree (like the actual /proc filesystem
@ -81,10 +70,6 @@ struct proc_dir_entry *proc_create_data(const char *name, umode_t mode,
extern void remove_proc_entry(const char *name, struct proc_dir_entry *parent); extern void remove_proc_entry(const char *name, struct proc_dir_entry *parent);
extern int remove_proc_subtree(const char *name, struct proc_dir_entry *parent); extern int remove_proc_subtree(const char *name, struct proc_dir_entry *parent);
struct pid_namespace;
extern int pid_ns_prepare_proc(struct pid_namespace *ns);
extern void pid_ns_release_proc(struct pid_namespace *ns);
/* /*
* proc_tty.c * proc_tty.c
@ -132,12 +117,6 @@ extern struct proc_dir_entry *proc_net_mkdir(struct net *net, const char *name,
extern void proc_set_size(struct proc_dir_entry *, loff_t); extern void proc_set_size(struct proc_dir_entry *, loff_t);
extern void proc_set_user(struct proc_dir_entry *, kuid_t, kgid_t); extern void proc_set_user(struct proc_dir_entry *, kuid_t, kgid_t);
extern struct file *proc_ns_fget(int fd);
extern bool proc_ns_inode(struct inode *inode);
extern int proc_alloc_inum(unsigned int *pino);
extern void proc_free_inum(unsigned int inum);
#else #else
static inline void proc_flush_task(struct task_struct *task) static inline void proc_flush_task(struct task_struct *task)
@ -168,50 +147,8 @@ struct tty_driver;
static inline void proc_tty_register_driver(struct tty_driver *driver) {}; static inline void proc_tty_register_driver(struct tty_driver *driver) {};
static inline void proc_tty_unregister_driver(struct tty_driver *driver) {}; static inline void proc_tty_unregister_driver(struct tty_driver *driver) {};
static inline int pid_ns_prepare_proc(struct pid_namespace *ns)
{
return 0;
}
static inline void pid_ns_release_proc(struct pid_namespace *ns)
{
}
static inline struct file *proc_ns_fget(int fd)
{
return ERR_PTR(-EINVAL);
}
static inline bool proc_ns_inode(struct inode *inode)
{
return false;
}
static inline int proc_alloc_inum(unsigned int *inum)
{
*inum = 1;
return 0;
}
static inline void proc_free_inum(unsigned int inum)
{
}
#endif /* CONFIG_PROC_FS */ #endif /* CONFIG_PROC_FS */
struct nsproxy;
struct proc_ns_operations {
const char *name;
int type;
void *(*get)(struct task_struct *task);
void (*put)(void *ns);
int (*install)(struct nsproxy *nsproxy, void *ns);
unsigned int (*inum)(void *ns);
};
extern const struct proc_ns_operations netns_operations;
extern const struct proc_ns_operations utsns_operations;
extern const struct proc_ns_operations ipcns_operations;
extern const struct proc_ns_operations pidns_operations;
extern const struct proc_ns_operations userns_operations;
extern const struct proc_ns_operations mntns_operations;
union proc_op { union proc_op {
int (*proc_get_link)(struct dentry *, struct path *); int (*proc_get_link)(struct dentry *, struct path *);
@ -231,8 +168,7 @@ struct proc_inode {
struct proc_dir_entry *pde; struct proc_dir_entry *pde;
struct ctl_table_header *sysctl; struct ctl_table_header *sysctl;
struct ctl_table *sysctl_entry; struct ctl_table *sysctl_entry;
void *ns; struct proc_ns ns;
const struct proc_ns_operations *ns_ops;
struct inode vfs_inode; struct inode vfs_inode;
}; };

74
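--- a/include/linux/proc_ns.h
+++ b/include/linux/proc_ns.h
@@ -0,0 +1,74 @@
+/*
+* procfs namespace bits
+*/
+#ifndef _LINUX_PROC_NS_H
+#define _LINUX_PROC_NS_H
+struct pid_namespace;
+struct nsproxy;
+struct proc_ns_operations {
+const char *name;
+int type;
+void *(*get)(struct task_struct *task);
+void (*put)(void *ns);
+int (*install)(struct nsproxy *nsproxy, void *ns);
+unsigned int (*inum)(void *ns);
+};
+struct proc_ns {
+void *ns;
+const struct proc_ns_operations *ns_ops;
+};
+extern const struct proc_ns_operations netns_operations;
+extern const struct proc_ns_operations utsns_operations;
+extern const struct proc_ns_operations ipcns_operations;
+extern const struct proc_ns_operations pidns_operations;
+extern const struct proc_ns_operations userns_operations;
+extern const struct proc_ns_operations mntns_operations;
+/*
+* We always define these enumerators
+*/
+enum {
+PROC_ROOT_INO = 1,
+PROC_IPC_INIT_INO = 0xEFFFFFFFU,
+PROC_UTS_INIT_INO = 0xEFFFFFFEU,
+PROC_USER_INIT_INO = 0xEFFFFFFDU,
+PROC_PID_INIT_INO = 0xEFFFFFFCU,
+};
+#ifdef CONFIG_PROC_FS
+extern int pid_ns_prepare_proc(struct pid_namespace *ns);
+extern void pid_ns_release_proc(struct pid_namespace *ns);
+extern struct file *proc_ns_fget(int fd);
+extern struct proc_ns *get_proc_ns(struct inode *);
+extern int proc_alloc_inum(unsigned int *pino);
+extern void proc_free_inum(unsigned int inum);
+extern bool proc_ns_inode(struct inode *inode);
+#else /* CONFIG_PROC_FS */
+static inline int pid_ns_prepare_proc(struct pid_namespace *ns) { return 0; }
+static inline void pid_ns_release_proc(struct pid_namespace *ns) {}
+static inline struct file *proc_ns_fget(int fd)
+{
+return ERR_PTR(-EINVAL);
+}
+static inline struct proc_ns *get_proc_ns(struct inode *inode) { return NULL; }
+static inline int proc_alloc_inum(unsigned int *inum)
+{
+*inum = 1;
+return 0;
+}
+static inline void proc_free_inum(unsigned int inum) {}
+static inline bool proc_ns_inode(struct inode *inode) { return false; }
+#endif /* CONFIG_PROC_FS */
+#endif /* _LINUX_PROC_NS_H */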
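Review bot: The new header is not self-contained: it names `struct task_struct` and `struct inode` in parameter lists and calls `ERR_PTR()` in the !CONFIG_PROC_FS stub, yet it forward-declares only `struct pid_namespace` and `struct nsproxy` and includes nothing. The `#include <linux/fs.h>` added in the get_net_ns_by_fd file of this commit looks like a workaround for that. I would add `#include <linux/err.h>` at the top and `struct task_struct;` and `struct inode;` beside the existing forward declarations. Separately, the stub `get_proc_ns()` returns NULL while the callers in this commit dereference the result unchecked; that is safe only while the `proc_ns_fget()` and `proc_ns_inode()` stubs fail first, which deserves a one-line comment on the stub.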


@ -12,7 +12,7 @@
#include <linux/utsname.h> #include <linux/utsname.h>
#include <generated/utsrelease.h> #include <generated/utsrelease.h>
#include <linux/version.h> #include <linux/version.h>
#include <linux/proc_fs.h> #include <linux/proc_ns.h>
#ifndef CONFIG_KALLSYMS #ifndef CONFIG_KALLSYMS
#define version(a) Version_ ## a #define version(a) Version_ ## a


@ -16,7 +16,7 @@
#include <linux/msg.h> #include <linux/msg.h>
#include <linux/ipc_namespace.h> #include <linux/ipc_namespace.h>
#include <linux/utsname.h> #include <linux/utsname.h>
#include <linux/proc_fs.h> #include <linux/proc_ns.h>
#include <asm/uaccess.h> #include <asm/uaccess.h>
#include "util.h" #include "util.h"


@ -12,7 +12,7 @@
#include <linux/fs.h> #include <linux/fs.h>
#include <linux/mount.h> #include <linux/mount.h>
#include <linux/user_namespace.h> #include <linux/user_namespace.h>
#include <linux/proc_fs.h> #include <linux/proc_ns.h>
#include "util.h" #include "util.h"


@ -22,7 +22,7 @@
#include <linux/pid_namespace.h> #include <linux/pid_namespace.h>
#include <net/net_namespace.h> #include <net/net_namespace.h>
#include <linux/ipc_namespace.h> #include <linux/ipc_namespace.h>
#include <linux/proc_fs.h> #include <linux/proc_ns.h>
#include <linux/file.h> #include <linux/file.h>
#include <linux/syscalls.h> #include <linux/syscalls.h>
@ -241,7 +241,7 @@ SYSCALL_DEFINE2(setns, int, fd, int, nstype)
const struct proc_ns_operations *ops; const struct proc_ns_operations *ops;
struct task_struct *tsk = current; struct task_struct *tsk = current;
struct nsproxy *new_nsproxy; struct nsproxy *new_nsproxy;
struct proc_inode *ei; struct proc_ns *ei;
struct file *file; struct file *file;
int err; int err;
@ -250,7 +250,7 @@ SYSCALL_DEFINE2(setns, int, fd, int, nstype)
return PTR_ERR(file); return PTR_ERR(file);
err = -EINVAL; err = -EINVAL;
ei = PROC_I(file_inode(file)); ei = get_proc_ns(file_inode(file));
ops = ei->ns_ops; ops = ei->ns_ops;
if (nstype && (ops->type != nstype)) if (nstype && (ops->type != nstype))
goto out; goto out;


@ -36,6 +36,7 @@
#include <linux/pid_namespace.h> #include <linux/pid_namespace.h>
#include <linux/init_task.h> #include <linux/init_task.h>
#include <linux/syscalls.h> #include <linux/syscalls.h>
#include <linux/proc_ns.h>
#include <linux/proc_fs.h> #include <linux/proc_fs.h>
#define pid_hashfn(nr, ns) \ #define pid_hashfn(nr, ns) \


@ -15,7 +15,7 @@
#include <linux/err.h> #include <linux/err.h>
#include <linux/acct.h> #include <linux/acct.h>
#include <linux/slab.h> #include <linux/slab.h>
#include <linux/proc_fs.h> #include <linux/proc_ns.h>
#include <linux/reboot.h> #include <linux/reboot.h>
#include <linux/export.h> #include <linux/export.h>


@ -16,7 +16,7 @@
#include <linux/interrupt.h> #include <linux/interrupt.h>
#include <linux/export.h> #include <linux/export.h>
#include <linux/user_namespace.h> #include <linux/user_namespace.h>
#include <linux/proc_fs.h> #include <linux/proc_ns.h>
/* /*
* userns count is 1 for root user, 1 for init_uts_ns, * userns count is 1 for root user, 1 for init_uts_ns,


@ -9,7 +9,7 @@
#include <linux/nsproxy.h> #include <linux/nsproxy.h>
#include <linux/slab.h> #include <linux/slab.h>
#include <linux/user_namespace.h> #include <linux/user_namespace.h>
#include <linux/proc_fs.h> #include <linux/proc_ns.h>
#include <linux/highuid.h> #include <linux/highuid.h>
#include <linux/cred.h> #include <linux/cred.h>
#include <linux/securebits.h> #include <linux/securebits.h>


@ -15,7 +15,7 @@
#include <linux/err.h> #include <linux/err.h>
#include <linux/slab.h> #include <linux/slab.h>
#include <linux/user_namespace.h> #include <linux/user_namespace.h>
#include <linux/proc_fs.h> #include <linux/proc_ns.h>
static struct uts_namespace *create_uts_ns(void) static struct uts_namespace *create_uts_ns(void)
{ {


@ -10,7 +10,8 @@
#include <linux/idr.h> #include <linux/idr.h>
#include <linux/rculist.h> #include <linux/rculist.h>
#include <linux/nsproxy.h> #include <linux/nsproxy.h>
#include <linux/proc_fs.h> #include <linux/fs.h>
#include <linux/proc_ns.h>
#include <linux/file.h> #include <linux/file.h>
#include <linux/export.h> #include <linux/export.h>
#include <linux/user_namespace.h> #include <linux/user_namespace.h>
@ -336,7 +337,7 @@ EXPORT_SYMBOL_GPL(__put_net);
struct net *get_net_ns_by_fd(int fd) struct net *get_net_ns_by_fd(int fd)
{ {
struct proc_inode *ei; struct proc_ns *ei;
struct file *file; struct file *file;
struct net *net; struct net *net;
@ -344,7 +345,7 @@ struct net *get_net_ns_by_fd(int fd)
if (IS_ERR(file)) if (IS_ERR(file))
return ERR_CAST(file); return ERR_CAST(file);
ei = PROC_I(file_inode(file)); ei = get_proc_ns(file_inode(file));
if (ei->ns_ops == &netns_operations) if (ei->ns_ops == &netns_operations)
net = get_net(ei->ns); net = get_net(ei->ns);
else else